Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-862

CWE-862

High likelihood

Missing Authorization

Parent: CWE-285 - Improper Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

8,331 vulnerabilities with CWE-862

CVE-2025-6105 MEDIUM

jflyfox jfinal_cms 5.0.1 - Cross-Site Request Forgery via Logout Argument

CVE-2025-48916 MEDIUM

Drupal Bookable Calendar <2.2.13 - Forceful Browsing

CVE-2025-5815 MEDIUM

WordPress Traffic Monitor <3.2.2 - Info Disclosure

CVE-2025-5282 HIGH

WP Travel Engine < 6.5.1 - Unauthenticated Arbitrary Post Deletion via delete_package()

CVE-2025-5288 CRITICAL

WP plugin <2.0.3 - Privilege Escalation

CVE-2025-49181 HIGH

SICK media_server - Missing Authorization in API Endpoint

CVE-2025-48444 MEDIUM

Drupal Quick Node Block <2.0.0 - Info Disclosure

CVE-2025-48013 MEDIUM

Drupal Quick Node Block < 2.0.0 - Missing Authorization

CVE-2025-29756 HIGH

SunGrow's back end users system - Info Disclosure

CVE-2025-1055 MEDIUM

K7 Security Anti-Malware - Privilege Escalation

CVE-2025-27505 MEDIUM

GeoServer - Missing Authorization on REST API Index

CVE-2025-49509 MEDIUM

Roland Beaussant Audio Editor & Recorder <2.2.1 - Info Disclosure

CVE-2025-42993 MEDIUM

SAP S/4HANA (Enterprise Event Enablement) - Missing Authorization Check in Inbound Binding Configuration

CVE-2025-42991 MEDIUM

SAP S/4HANA (Bank Account Application) - Authenticated Missing Authorization in Attachment Deletion

CVE-2025-42989 CRITICAL

SAP NetWeaver Application Server for ABAP - Authenticated Privilege Escalation via RFC Inbound Processing

CVE-2025-42987 MEDIUM

SAP Manage Processing Rules - Privilege Escalation

CVE-2025-42984 MEDIUM

SAP S/4HANA Manage Central Purchase Contract - Privilege Escalation

CVE-2025-42983 HIGH

SAP Business Warehouse - Privilege Escalation

CVE-2025-42982 HIGH

SAP GRC (AC Plugin) >=V1100_700 <V1100_700 and >=V1100_731 <V1100_731 - Missing Authorization

CVE-2025-5900 MEDIUM

Tenda AC9 15.03.02.13 - Cross-Site Request Forgery

CVE-2025-5888 MEDIUM

jsnjfz WebStack-Guns 1.0 - Cross-Site Request Forgery

CVE-2025-49651 HIGH

BackendAI - Unauthenticated Session Takeover via Missing Authorization

CVE-2025-49265 HIGH

WP Swings Membership For WooCommerce <2.8.1 - Info Disclosure

CVE-2025-48147 MEDIUM

CryptoCloud - Crypto Payment Gateway <2.1.2 - Info Disclosure

CVE-2025-48139 MEDIUM

StyleAI <= 1.0.4 - Missing Authorization

Previous Page 124 of 334 Next

Details

Vulnerabilities 8,331

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy